Kevin W. Wall
Kevin W. Wall
I am marking this as **Milestone 3.0** because this would be a change to an major interface and could break the code of anyone who has customized their own `Authenticator`....
I think the best way to handle this is to submit a PR. If it introduces a significant number of new transitive dependencies though, we may reject it and just...
Changing this to a 3.0 milestone as it is unlikely that the current team will get to in for the 2.3 release.
Changelog files are only as good as the commit logs and more often than not, those are either too detailed or not detailed or enough and anyone who is proficient...
Wow, reading through this, I'm not really sure what do do with this (other than to remove the 'Milestone-Release2.1' label and replace this this with 'milestone 3.0', which I've done)....
This seems to be related to GitHub issue #271 which had been closed, but apparently was already implemented at some point. (I'm too lazy at the moment to track it...
I'm not sure that the original intent of ESAPI's SecurityConfiguration was ever to provide a generalized security configuration mechanism _where it could manage properties **outside** of the trusted ESAPI.properties file._...
@hbroeder - Regarding the integrity of ESAPI.properties, if that were important to people, the get thing is to put ESAPI.properties on your classpath inside of a signed jar or war...
@pallavi-t -- You're problem seems very different than the description provided by @hbroeder who created this GitHub issue. If you believe this is a bug, then open a _new_ GitHub...
Makes sense. At the time when it was written, SunJCE didn't support GCM or CCM, and there is also a small problem that we are trying to support using ESAPI...